Skip to content

Security audit

Security audit #248

Workflow file for this run

name: Security audit
on:
schedule:
# Runs at 00:00 UTC everyday
- cron: '0 0 * * *'
pull_request:
paths:
- 'deps/**'
- '.github/workflows/audit.yml'
- package.json
- lib/**
- src/**
jobs:
rust-audit:
runs-on: ubuntu-22.04
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: EmbarkStudios/cargo-deny-action@2d8c9929d8f9f42bedba73f1287cb0b479f07acb # v2.0.3
with:
manifest-path: "deps/swc/bindings/binding_typescript_wasm/Cargo.toml"
typescript-audit:
runs-on: ubuntu-22.04
permissions:
security-events: write
packages: read
actions: read
contents: read
strategy:
matrix:
include:
- language: javascript-typescript
steps:
- name: Checkout repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Initialize CodeQL
uses: github/codeql-action/init@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
with:
languages: ${{ matrix.language }}
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
with:
category: "/language:${{matrix.language}}"